Reputation: 2175
Wakanda Server CORS with HTTPS Connections
I have a request handler set up like this:
httpServer.addRequestHandler("^/send-contact-message", "./rest-extensions/contact-messages.js", "sendContactMessage");
I have CORS set up like this:
<cors enabled="true">
<domain name="imagesreimagined.com" methods="post"/>
</cors>
My server is set up with Secure Connections (HTTPS) set to Accept only HTTPS from remote & allow HTTP and HTTPS from localhost. If I send a request from a form with action="https://imagesreimagined.store/send-contact-message", I get an error in the browser stating:
XMLHttpRequest cannot load https://imagesreimagined.store/send-contact-message. Origin http://imagesreimagined.com is not allowed by Access-Control-Allow-Origin.
If I set my server’s Secure Connections (HTTPS) to Accept both HTTP and HTTPS connections and change the form action to http, it works. However, I need all remote connections to be https.
I also tried CORS with the 443 port and got the same error.
<cors enabled="true">
<domain name="imagesreimagined.com:443” methods="post"/>
</cors>
The server calling the Wakanda Server is not SSL, if that makes a difference.
Upvotes: 1
Views: 239
Answers (2)
Reputation: 653
I guess this is not an answer but rather adding more to the question in the hope it helps.
This is amazing. I logged into SO this morning intending to ask this very same question. My setup is very slightly different.
I have my Wakanda server set to accept only SSL connections and set to Accept only HTTPS from remote & allow HTTP and HTTPS from localhost. The Wakanda server is published on port 8443.
On the same machine I have an Apache server running on port 80 that publishes my Angular 2 app.
I spent several hours trying to get CORS to work with no success. I haven't tried running the Angular app on SSL yet, but that sounds like it would be worth a try.
=====================
After further investigation, I found the problem.
Don't include the protocol in the CORS definition.
ie:
Instead of
<domain name="http://app.example.com" methods="post;get;put;delete"/>
It should be:
<domain name="app.example.com" methods="post;get;put;delete"/>
Pretty obvious really but I didn't see it for a long time.
Upvotes: 0
Reputation: 2175
Once I removed the port number from the cors domain name and added SSL to the server that hosts the website posting to the Wakanda Server, it worked.
Upvotes: 1
Related Questions
- Wikidata query CORS issue when making requests with frontend code running from localhost server
- HTTPS and HTTP CORS
- How do I allow CORS requests on mediawiki?
- how to allow ACCESS-CONTROL-ALLOW-ORIGIN aka cross-domain on wampserver
- allowing ACCESS-CONTROL-ALLOW-ORIGIN on wampserver
- Wakanda and SSL: Server Name and how to gracefully handle HTTP requests?
- CORS not working in Wakanda Enterprise 11.0.0.0
- CORS issues while accessing https REST end point
- Add CORS to UseFileServer in OWIN
- CORS support for a Jersey app with WADL